ZAP 的桌面应用程序代码审查
Desktop Application Code review by the ZAP
据我所知,ZAP 可用于 .NET Web 应用程序和服务测试,不能用于桌面应用程序测试。我需要测试桌面应用程序。
在ZAP Getting Started PDF中,写到可以做code review。那么 ZAP 是否有可能对 .NET 桌面应用程序进行代码审查?如果是,那又如何?
您似乎没有完整阅读正文。 Code Review 被列为一种安全测试...
Security testing is often broken out, somewhat arbitrarily, according to either the type of
vulnerability being tested or the type of testing being done. A common breakout is:
• Vulnerability Assessment – The system is scanned and analyzed for security
issues.
• Penetration Testing – The system undergoes analysis and attack from simulated
malicious attackers.
• Runtime Testing – The system undergoes analysis and security testing from an enduser.
• Code Review – The system code undergoes a detailed review and analysis looking
specifically for security vulnerabilities.
该文档接着解释了 Penetration Testing 是什么以及 ZAP 如何用作 Penetration Test 的一部分。
据我所知,ZAP 可用于 .NET Web 应用程序和服务测试,不能用于桌面应用程序测试。我需要测试桌面应用程序。
在ZAP Getting Started PDF中,写到可以做code review。那么 ZAP 是否有可能对 .NET 桌面应用程序进行代码审查?如果是,那又如何?
您似乎没有完整阅读正文。 Code Review 被列为一种安全测试...
Security testing is often broken out, somewhat arbitrarily, according to either the type of vulnerability being tested or the type of testing being done. A common breakout is: • Vulnerability Assessment – The system is scanned and analyzed for security issues. • Penetration Testing – The system undergoes analysis and attack from simulated malicious attackers. • Runtime Testing – The system undergoes analysis and security testing from an enduser. • Code Review – The system code undergoes a detailed review and analysis looking specifically for security vulnerabilities.
该文档接着解释了 Penetration Testing 是什么以及 ZAP 如何用作 Penetration Test 的一部分。